LeastPrivilegedMSGraph
1.1.0
Analyzes Microsoft Graph permissions and provides least privileged recommendations
Minimum PowerShell version
5.0
Installation Options
Owners
Copyright
(c) Morten Mynster. All rights reserved.
Package Details
Author(s)
- Morten Mynster
Functions
Assert-LPMSGraph Export-PermissionAnalysisReport Get-AppActivityData Get-AppRoleAssignment Get-AppThrottlingData Get-PermissionAnalysis Initialize-LogAnalyticsApi Invoke-LPMSGraphScan
Dependencies
Release Notes
## [1.1.0] - 2025-12-19
### Added
- **New Cmdlets:**
- `Assert-LPMSGraph` - Validates all prerequisites before running analysis (EntraAuth connectivity, workspace configuration, required modules)
- `Invoke-LPMSGraphScan` - Single orchestration command that executes the complete least privilege analysis workflow
- Supports both workspace ID and detailed workspace parameters (subscription, resource group, workspace name)
- Includes optional throttling data collection
- Automatically chains all analysis steps: role assignments > activity data > throttling data > permission analysis > report generation
- **User Context Support:**
- Module now supports delegated (user) authentication context in addition to app-only (service principal) authentication
- Enhanced flexibility for different authentication scenarios and permission models
### Acknowledgments
Thanks to Jos Lieben (jflieben) for the suggestion
FileList
- LeastPrivilegedMSGraph.nuspec
- LeastPrivilegedMSGraph.psm1
- en-US\about_LeastPrivilegedMSGraph.help.txt
- data\permissions-beta.json
- data\extraction-summary.md
- en-US\LeastPrivilegedMSGraph-help.xml
- data\permissions-v1.0.json
- data\base.html
- LeastPrivilegedMSGraph.psd1
Version History
| Version | Downloads | Last updated |
|---|---|---|
| 1.1.0 (current version) | 14 | 12/19/2025 |
| 1.0.0 | 8 | 12/15/2025 |
| 0.1.2-preview | 15 | 11/26/2025 |
| 0.1.1-preview | 4 | 11/26/2025 |